Add False Start tests

net/test/spawned_test_server/base_test_server.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/test/spawned_test_server/base_test_server.h"
 
 #include <string>
 #include <vector>
 
 #include "base/base64.h"
@@ skipping 22 matching lines @@
       options.server_certificate ==
           BaseTestServer::SSLOptions::CERT_MISMATCHED_NAME) {
     // Return a different hostname string that resolves to the same hostname.
     return "localhost";
   }
 
   // Use the 127.0.0.1 as default.
   return BaseTestServer::kLocalhost;
 }
 
+void GetKeyExchangesList(int key_exchange, base::ListValue* values) {
+  if (key_exchange & BaseTestServer::SSLOptions::KEY_EXCHANGE_RSA)
+    values->Append(new base::StringValue("rsa"));
+  if (key_exchange & BaseTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA)
+    values->Append(new base::StringValue("dhe_rsa"));
+}
+
 void GetCiphersList(int cipher, base::ListValue* values) {
   if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_RC4)
     values->Append(new base::StringValue("rc4"));
   if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_AES128)
     values->Append(new base::StringValue("aes128"));
   if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_AES256)
     values->Append(new base::StringValue("aes256"));
   if (cipher & BaseTestServer::SSLOptions::BULK_CIPHER_3DES)
     values->Append(new base::StringValue("3des"));
 }
 
 }  // namespace
 
 BaseTestServer::SSLOptions::SSLOptions()
     : server_certificate(CERT_OK),
       ocsp_status(OCSP_OK),
       cert_serial(0),
       request_client_certificate(false),
+      key_exchanges(SSLOptions::KEY_EXCHANGE_ANY),
       bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),
       record_resume(false),
       tls_intolerant(TLS_INTOLERANT_NONE),
       fallback_scsv_enabled(false),
-      staple_ocsp_response(false) {}
+      staple_ocsp_response(false),
+      support_npn(false) {}
 
 BaseTestServer::SSLOptions::SSLOptions(
     BaseTestServer::SSLOptions::ServerCertificate cert)
     : server_certificate(cert),
       ocsp_status(OCSP_OK),
       cert_serial(0),
       request_client_certificate(false),
+      key_exchanges(SSLOptions::KEY_EXCHANGE_ANY),
       bulk_ciphers(SSLOptions::BULK_CIPHER_ANY),
       record_resume(false),
       tls_intolerant(TLS_INTOLERANT_NONE),
       fallback_scsv_enabled(false),
-      staple_ocsp_response(false) {}
+      staple_ocsp_response(false),
+      support_npn(false) {}
 
 BaseTestServer::SSLOptions::~SSLOptions() {}
 
 base::FilePath BaseTestServer::SSLOptions::GetCertificateFile() const {
   switch (server_certificate) {
     case CERT_OK:
     case CERT_MISMATCHED_NAME:
       return base::FilePath(FILE_PATH_LITERAL("ok_cert.pem"));
     case CERT_EXPIRED:
       return base::FilePath(FILE_PATH_LITERAL("expired_cert.pem"));
@@ skipping 294 matching lines @@
 
     std::string ocsp_arg = ssl_options_.GetOCSPArgument();
     if (!ocsp_arg.empty())
       arguments->SetString("ocsp", ocsp_arg);
 
     if (ssl_options_.cert_serial != 0) {
       arguments->Set("cert-serial",
                      base::Value::CreateIntegerValue(ssl_options_.cert_serial));
     }
 
+    // Check key exchange argument.
+    scoped_ptr<base::ListValue> key_exchange_values(new base::ListValue());
+    GetKeyExchangesList(ssl_options_.key_exchanges, key_exchange_values.get());
+    if (key_exchange_values->GetSize())
+      arguments->Set("ssl-key-exchange", key_exchange_values.release());
     // Check bulk cipher argument.
     scoped_ptr<base::ListValue> bulk_cipher_values(new base::ListValue());
     GetCiphersList(ssl_options_.bulk_ciphers, bulk_cipher_values.get());
     if (bulk_cipher_values->GetSize())
       arguments->Set("ssl-bulk-cipher", bulk_cipher_values.release());
     if (ssl_options_.record_resume)
       arguments->Set("https-record-resume", base::Value::CreateNullValue());
     if (ssl_options_.tls_intolerant != SSLOptions::TLS_INTOLERANT_NONE) {
       arguments->Set("tls-intolerant",
                      new base::FundamentalValue(ssl_options_.tls_intolerant));
     }
     if (ssl_options_.fallback_scsv_enabled)
       arguments->Set("fallback-scsv", base::Value::CreateNullValue());
     if (!ssl_options_.signed_cert_timestamps_tls_ext.empty()) {
       std::string b64_scts_tls_ext;
       base::Base64Encode(ssl_options_.signed_cert_timestamps_tls_ext,
                          &b64_scts_tls_ext);
       arguments->SetString("signed-cert-timestamps-tls-ext", b64_scts_tls_ext);
     }
     if (ssl_options_.staple_ocsp_response)
       arguments->Set("staple-ocsp-response", base::Value::CreateNullValue());
+    if (ssl_options_.support_npn)
+      arguments->Set("next-proto", base::Value::CreateStringValue("http/1.1"));

[Ryan Sleevi, 2014/04/02 22:09:13]

Should this be a string option, rather than a bool?

[davidben, 2014/04/03 19:38:36]

Well, I suppose if we want to go really crazy, it could be a string vector or a
bitmask. But a bool is probably sufficient for now since the test server can
only speak HTTP/1.1 anyway.

   }
 
   return GenerateAdditionalArguments(arguments);
 }
 
 bool BaseTestServer::GenerateAdditionalArguments(
     base::DictionaryValue* arguments) const {
   return true;
 }
 
 }  // namespace net